Commit Graph

12386 Commits

Author SHA1 Message Date
dependabot[bot] da5f136221
core: bump ruff from 0.0.275 to 0.0.276 (#6132)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.275 to 0.0.276.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.0.275...v0.0.276)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-04 13:33:59 +02:00
dependabot[bot] 26e9c9b1d7
web: bump eslint from 8.43.0 to 8.44.0 in /web (#6119)
Bumps [eslint](https://github.com/eslint/eslint) from 8.43.0 to 8.44.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.43.0...v8.44.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 17:02:32 +02:00
dependabot[bot] 81fdbab902
web: bump mermaid from 10.2.3 to 10.2.4 in /web (#6110)
Bumps [mermaid](https://github.com/mermaid-js/mermaid) from 10.2.3 to 10.2.4.
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Changelog](https://github.com/mermaid-js/mermaid/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/mermaid-js/mermaid/compare/v10.2.3...v10.2.4)

---
updated-dependencies:
- dependency-name: mermaid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-30 19:30:39 +02:00
Jens L 01e254e08d
ci: use dependabot groups for some dependencies (#6109)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-30 16:25:58 +02:00
Jens L f306fb9c26
stages/user_write: fix duplicate source writing (#6105)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-29 21:42:42 +02:00
Daniel ad81ee2740
providers/ldap: fix inconsistent saving of user flags on failed cached binds (#6096)
* feat: assign invalid pk and check

* fix: only set flags if they don't exist

* fix: userinfo not being set if data is available

* minor cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-29 16:57:46 +02:00
dependabot[bot] 04d0bd7fb7
web: bump @sentry/browser from 7.56.0 to 7.57.0 in /web (#6100)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.56.0 to 7.57.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.56.0...7.57.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-29 11:40:37 +02:00
dependabot[bot] ab9f819baa
web: bump typescript from 5.1.5 to 5.1.6 in /web (#6099)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.1.5 to 5.1.6.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-29 11:34:07 +02:00
dependabot[bot] 6ce09902ff
web: bump @rollup/plugin-typescript from 11.1.1 to 11.1.2 in /web (#6098)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript) from 11.1.1 to 11.1.2.
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/typescript-v11.1.2/packages/typescript)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-29 11:33:10 +02:00
dependabot[bot] 2bf2f5ba2e
web: bump @sentry/tracing from 7.56.0 to 7.57.0 in /web (#6101)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.56.0 to 7.57.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.56.0...7.57.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-29 11:32:54 +02:00
Jens L e712225ced
sources/ldap: improve scalability (#6056)
* sources/ldap: improve scalability

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use cache instead of call signature for page data

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-28 17:13:42 +02:00
Jens L a987846c76
root: celery refactor (#6095)
* root: celery refactor

cleanup deprecation messages by configuring celery with a single object

run celery as django management command

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve debug experience

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add debugpy to dev dependencies

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix task_always_eager

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-28 16:44:50 +02:00
Jens L 35e2b648ba
sources/ldap: fix 100% cpu usage when LDAP Server is unavailable (#6094) 2023-06-28 15:13:12 +02:00
dependabot[bot] 6d036876db
web: bump @storybook/addon-links from 7.0.23 to 7.0.24 in /web (#6086)
Bumps [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links) from 7.0.23 to 7.0.24.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.24/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.24/code/addons/links)

---
updated-dependencies:
- dependency-name: "@storybook/addon-links"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:42:07 +02:00
dependabot[bot] 4657a7f749
web: bump @storybook/web-components-vite from 7.0.23 to 7.0.24 in /web (#6087)
Bumps [@storybook/web-components-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/web-components-vite) from 7.0.23 to 7.0.24.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.24/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.24/code/frameworks/web-components-vite)

---
updated-dependencies:
- dependency-name: "@storybook/web-components-vite"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:41:46 +02:00
dependabot[bot] f41609e1c2
web: bump @storybook/web-components from 7.0.23 to 7.0.24 in /web (#6085)
Bumps [@storybook/web-components](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/web-components) from 7.0.23 to 7.0.24.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.24/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.24/code/renderers/web-components)

---
updated-dependencies:
- dependency-name: "@storybook/web-components"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:30:35 +02:00
dependabot[bot] 7deef8d4be
web: bump typescript from 5.1.3 to 5.1.5 in /web (#6084)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.1.3 to 5.1.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.1.3...v5.1.5)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:30:26 +02:00
dependabot[bot] 18759a7e87
web: bump storybook from 7.0.23 to 7.0.24 in /web (#6083)
Bumps [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/lib/cli) from 7.0.23 to 7.0.24.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.24/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.24/code/lib/cli)

---
updated-dependencies:
- dependency-name: storybook
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:30:10 +02:00
dependabot[bot] 81774af33e
core: bump goauthentik.io/api/v3 from 3.2023054.1 to 3.2023054.2 (#6089)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023054.1 to 3.2023054.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023054.1...v3.2023054.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:29:56 +02:00
dependabot[bot] 244454c8b1
web: bump @storybook/addon-essentials from 7.0.23 to 7.0.24 in /web (#6088)
Bumps [@storybook/addon-essentials](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/essentials) from 7.0.23 to 7.0.24.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.24/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.24/code/addons/essentials)

---
updated-dependencies:
- dependency-name: "@storybook/addon-essentials"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 11:29:40 +02:00
authentik-automation[bot] 91d1f3cbe2
web: bump API Client version (#6082) 2023-06-27 23:17:19 +02:00
Jens L 8bd23f1686
sources/oauth: fix OIDC client sending access token as header and query param (#6081)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-27 23:16:52 +02:00
Jens L 863454a895
flows: allow empty value in AutosubmitChallenge (#6079)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-27 23:13:58 +02:00
Jens L 416f916da6
core: fix inconsistent favicon (#6080)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-27 23:13:31 +02:00
dependabot[bot] 6bca075446
web: bump @typescript-eslint/parser from 5.60.0 to 5.60.1 in /web (#6072)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.60.0 to 5.60.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.60.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 11:20:00 +02:00
dependabot[bot] ba90e660fd
web: bump @typescript-eslint/eslint-plugin from 5.60.0 to 5.60.1 in /web (#6073)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.60.0 to 5.60.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.60.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 11:17:32 +02:00
dependabot[bot] a4364c0846
web: bump tslib from 2.5.3 to 2.6.0 in /web (#6075)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.5.3 to 2.6.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/v2.5.3...2.6.0)

---
updated-dependencies:
- dependency-name: tslib
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 11:17:24 +02:00
dependabot[bot] a127486784
web: bump pyright from 1.1.315 to 1.1.316 in /web (#6074)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.315 to 1.1.316.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.316/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 11:17:12 +02:00
dependabot[bot] 221c01aa82
core: bump goauthentik.io/api/v3 from 3.2023053.8 to 3.2023054.1 (#6076)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023053.8 to 3.2023054.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023053.8...v3.2023054.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 11:17:00 +02:00
authentik-automation[bot] def30bedaf
web: bump API Client version (#6070) 2023-06-26 23:42:32 +02:00
Jens Langhammer 422b19df60
release: 2023.5.4 2023-06-26 23:33:04 +02:00
Jens L 77d20e82f4
core: bump django to 4.1.9 (#6067)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-26 18:17:17 +02:00
Jens L eab767fc1b
stages/authenticator_validate: fix regression (#6062)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-26 13:06:11 +02:00
dependabot[bot] 0c597004f4
web: bump @codemirror/lang-html from 6.4.4 to 6.4.5 in /web (#6059)
Bumps [@codemirror/lang-html](https://github.com/codemirror/lang-html) from 6.4.4 to 6.4.5.
- [Changelog](https://github.com/codemirror/lang-html/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-html/compare/6.4.4...6.4.5)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-html"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 10:59:10 +02:00
dependabot[bot] bcc855aad5
core: bump pytest from 7.3.2 to 7.4.0 (#6060)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.3.2 to 7.4.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.3.2...7.4.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 10:58:56 +02:00
Lars Lehmann bb34cd0200
website/integrations: add Netbox integration (#5683)
* website: add Netbox integration

* website: fix Netbox spelling mistakes

* website: add NetBox groups and roles

* website: NetBox use default property mapping ad base

* website: add NetBox logout url

Signed-off-by: Lars Lehmann <33843261+larsl-net@users.noreply.github.com>

* website: fix NetBox logout url

Signed-off-by: Lars Lehmann <33843261+larsl-net@users.noreply.github.com>

* website: fix NetBox spelling

Signed-off-by: Lars Lehmann <33843261+larsl-net@users.noreply.github.com>

* small formatting fixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Lars Lehmann <33843261+larsl-net@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-25 18:42:02 +02:00
Jens L 4bd66aeea9
website: fix layout on mobile devices (#6058) 2023-06-25 16:15:49 +02:00
Jens L f48663a39c
root: add version and commit to container labels (#6054)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-24 00:10:27 +02:00
Jens L f7d21b3aba
website: update 2023.6 release notes (#6053)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-23 15:32:49 +02:00
dependabot[bot] 97b64c0011
web: bump @storybook/web-components-vite from 7.0.22 to 7.0.23 in /web (#6044)
Bumps [@storybook/web-components-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/web-components-vite) from 7.0.22 to 7.0.23.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.23/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.23/code/frameworks/web-components-vite)

---
updated-dependencies:
- dependency-name: "@storybook/web-components-vite"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:39:55 +02:00
dependabot[bot] 29892c2bde
web: bump @storybook/addon-links from 7.0.22 to 7.0.23 in /web (#6043)
Bumps [@storybook/addon-links](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/links) from 7.0.22 to 7.0.23.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.23/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.23/code/addons/links)

---
updated-dependencies:
- dependency-name: "@storybook/addon-links"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:35:24 +02:00
dependabot[bot] 850e47f8e1
web: bump storybook from 7.0.22 to 7.0.23 in /web (#6045)
Bumps [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/lib/cli) from 7.0.22 to 7.0.23.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.23/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.23/code/lib/cli)

---
updated-dependencies:
- dependency-name: storybook
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:34:16 +02:00
dependabot[bot] 3565650f3c
web: bump @storybook/addon-essentials from 7.0.22 to 7.0.23 in /web (#6042)
Bumps [@storybook/addon-essentials](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/essentials) from 7.0.22 to 7.0.23.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.23/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.23/code/addons/essentials)

---
updated-dependencies:
- dependency-name: "@storybook/addon-essentials"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:32:51 +02:00
dependabot[bot] 61d6a6e96c
core: bump goauthentik.io/api/v3 from 3.2023053.7 to 3.2023053.8 (#6048)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023053.7 to 3.2023053.8.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023053.7...v3.2023053.8)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:31:06 +02:00
dependabot[bot] 579b4b6fc8
web: bump @storybook/web-components from 7.0.22 to 7.0.23 in /web (#6046)
Bumps [@storybook/web-components](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/web-components) from 7.0.22 to 7.0.23.
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.0.23/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.0.23/code/renderers/web-components)

---
updated-dependencies:
- dependency-name: "@storybook/web-components"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:29:55 +02:00
dependabot[bot] 0315c19eb6
core: bump drf-spectacular from 0.26.2 to 0.26.3 (#6049)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.26.2 to 0.26.3.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.26.2...0.26.3)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 11:20:50 +02:00
dependabot[bot] 9c8a230df1
core: bump sentry-sdk from 1.25.1 to 1.26.0 (#6050)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.25.1 to 1.26.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.25.1...1.26.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 11:19:28 +02:00
dependabot[bot] 6be43d934f
core: bump ruff from 0.0.274 to 0.0.275 (#6051)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.274 to 0.0.275.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.0.274...v0.0.275)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 11:19:09 +02:00
authentik-automation[bot] 3650a0747a
web: bump API Client version (#6040) 2023-06-22 22:34:26 +02:00
Jens L b0fbd576fc
security: cure53 fix (#6039)
* ATH-01-001: resolve path and check start before loading blueprints

This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: fix missing user filter for webauthn device

This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.

* ATH-01-008: fix web forms not submitting correctly when pressing enter

When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly

This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.

* ATH-01-004: remove env from admin system endpoint

this endpoint already required admin access, but for debugging the env variables are used very little

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-005: use hmac.compare_digest for secret_key authentication

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-009: migrate impersonation to use API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-014: save authenticator validation state in flow context

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

bugfixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-012: escape quotation marks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add website

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release ntoes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update with all notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00